Disabling SSLv3 Due to POODLE Vulnerability

Oct 14, 2014 in Security

There have been rumors all week about a new SSL vulnerability that specifically targets the older version 3 of the SSL protocol. Google just published the full details in their POODLE report.

The vulnerability allows an attacker to exploit the way SSLv3 handles padding to circumvent the encryption and recover plaintext content. Newer versions of TLS (what SSL became after version 3) are not vulnerable, and most modern browsers use them.

Based on our understanding of the POODLE vulnerability (mainly the fact that there is currently no workaround) and the fact that very little of our traffic runs over SSLv3 (around 0.5% globally), we are disabling SSLv3 for all Fastly SSL customers, effective immediately. This will mainly affect users of Windows XP pre-Service Pack 3 combined with IE version 6. If you are in this group, please upgrade to a more recent browser.
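
The decision above rests on knowing how much traffic still negotiates SSLv3 and which clients send it. The following is an added example, not code from this post or from Fastly: it assumes a hypothetical access-log format (client IP, negotiated protocol, quoted User-Agent), and the sample log lines are constructed.

```python
import re
from collections import Counter

# Constructed sample lines in an assumed format:
#   <client ip> <negotiated protocol> "<user agent>"
SAMPLE_LOG = """\
203.0.113.10 TLSv1.2 "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0"
203.0.113.11 SSLv3 "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
203.0.113.12 TLSv1 "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1)"
203.0.113.13 TLSv1.2 "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) Safari/537.78.2"
203.0.113.11 SSLv3 "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
198.51.100.7 TLSv1.1 "curl/7.35.0"
this line is malformed and must be skipped
198.51.100.8 TLSv1.2 "Mozilla/5.0 (X11; Linux x86_64) Chrome/38.0.2125.101"
"""

# Accept only known protocol labels so a shifted field is never miscounted.
LINE_RE = re.compile(r'^(\S+) (SSLv3|TLSv1(?:\.[0-3])?) "([^"]*)"$')


def sslv3_report(log_text):
    """Return (total, sslv3_count, share_percent, Counter of SSLv3 user agents)."""
    total = 0
    sslv3_agents = Counter()
    for line in log_text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue  # skip malformed lines instead of guessing at fields
        total += 1
        _ip, proto, agent = match.groups()
        if proto == "SSLv3":
            sslv3_agents[agent] += 1
    sslv3 = sum(sslv3_agents.values())
    share = 100.0 * sslv3 / total if total else 0.0
    return total, sslv3, share, sslv3_agents


if __name__ == "__main__":
    total, sslv3, share, agents = sslv3_report(SAMPLE_LOG)
    print(f"{sslv3}/{total} requests negotiated SSLv3 ({share:.1f}%)")
    # The agents listed here are the clients that lose access once SSLv3 is off.
    for agent, count in agents.most_common():
        print(f"  {count:5d}  {agent}")
```
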

If you have any questions or concerns, please reach out to our support team by emailing support@fastly.com.

Author

Sean Leach | SVP of Product

Sean is SVP of Product at Fastly, where he is responsible for the Fastly product roadmap definition and execution. His current research focus is on DNS, DDoS, web/network performance, internet infrastructure, and combating the massive Internet security epidemic.